Microsoft has released updates that address a vulnerability in Microsoft Windows 2000, Windows XP, and Windows Vista.
Install updates
Microsoft has released updates to address this vulnerability. The updates are available on the Microsoft Update site. We recommend enabling Automatic Updates.
A remote, unauthenticated attacker could execute arbitrary code or cause a vulnerable system to crash. Since the Server service runs with SYSTEM privileges, an attacker could take complete control of a vulnerable system.
Feedback can be directed to US-CERT.
Produced 2008 by US-CERT, a government organization. Terms of use
Revision History
October 23, 2008: Initial release